protected override async Task <UserReadModel> ProcessAsync(UserManagementCommand <UserVerifyOTPModel> message, CancellationToken cancellationToken)
{
var model = message.Model;
var user = await _dataContext.Users.GetByKeyAsync(model.Id)
.ConfigureAwait(false);
if (user == null)
{
throw new DomainException(422, $"User with Id '{model.Id}' not found.");
}
if (user.PhoneNumber != model.PhoneNumber)
{
throw new DomainException(422, $"User with phone number '{model.PhoneNumber}' not exist in system.");
}
if (user.OTP != model.OTP)
{
throw new DomainException(422, $"The '{model.OTP}' account verification number is not valid.,");
}
user.IsPhoneNumberConfirmed = true;
user.Updated = DateTimeOffset.UtcNow;
await _dataContext.SaveChangesAsync(cancellationToken).ConfigureAwait(false);
var readModel = _mapper.Map <UserReadModel>(user);
return(readModel);
}
protected override async Task <UserReadModel> ProcessAsync(UserManagementCommand <UserSendOTPModel> message, CancellationToken cancellationToken)
{
var otp = GenerateRandomOTP(4, saAllowedCharacters);
var model = message.Model;
var user = await _dataContext.Users.GetByKeyAsync(model.Id)
.ConfigureAwait(false);
if (user == null)
{
throw new DomainException(422, $"User with Id '{model.Id}' not found.");
}
if (user.PhoneNumber != model.PhoneNumber)
{
throw new DomainException(422, $"User with phone number '{model.PhoneNumber}' not exist in system.");
}
var result = await _sMSTemplateService.SendOTP(user.PhoneNumber, otp).ConfigureAwait(false);
if (result == false)
{
throw new DomainException(422, $"Unable to send OTP '{model.PhoneNumber}' please try again later or contact administrator.");
}
user.OTP = otp;
user.Updated = DateTimeOffset.UtcNow;
user.IsPhoneNumberConfirmed = false;
await _dataContext.SaveChangesAsync(cancellationToken).ConfigureAwait(false);
var readModel = _mapper.Map <UserReadModel>(user);
return(readModel);
}
public async Task <IActionResult> ResetPassword(CancellationToken cancellationToken, UserResetPasswordModel model)
{
var userAgent = Request.UserAgent();
var command = new UserManagementCommand <UserResetPasswordModel>(model, User, userAgent);
var result = await Mediator.Send(command, cancellationToken).ConfigureAwait(false);
return(Ok(result));
}
public async Task <IActionResult> ResetOTP(CancellationToken cancellationToken, UserSendOTPModel model)
{
var userAgent = Request.UserAgent();
var command = new UserManagementCommand <UserSendOTPModel>(model, User, userAgent);
var result = await Mediator.Send(command, cancellationToken).ConfigureAwait(false);
return(new OkObjectResult(new
{
Data = result != null ? true : false,
Status = StatusCodes.Status200OK
}));
}
protected override async Task <UserReadModel> ProcessAsync(UserManagementCommand <UserForgotPasswordModel> message, CancellationToken cancellationToken)
{
var model = message.Model;
// check for existing user
var user = await _dataContext.Users
.GetByEmailAddressAsync(model.EmailAddress)
.ConfigureAwait(false);
if (user == null)
{
throw new DomainException(422, $"User with email '{model.EmailAddress}' not found.");
}
var resetToken = Guid.NewGuid().ToString("N");
var resetHash = _passwordHasher.HashPassword(resetToken);
user.ResetHash = resetHash;
user.UpdatedBy = "system";
user.Updated = DateTimeOffset.UtcNow;
await _dataContext
.SaveChangesAsync(cancellationToken)
.ConfigureAwait(false);
var emailModel = new UserResetPasswordEmail
{
EmailAddress = user.EmailAddress,
DisplayName = user.DisplayName,
ResetToken = resetToken,
UserAgent = message.UserAgent,
ResetLink = $"{_hostingOptions.Value.ClientDomain}#/reset-password/{resetToken}"
};
await _emailTemplateService.SendResetPasswordEmail(emailModel).ConfigureAwait(false);
// convert to read model
var readModel = _mapper.Map <UserReadModel>(user);
return(readModel);
}
public async Task <IActionResult> Register(CancellationToken cancellationToken, UserRegisterModel model)
{
var userAgent = Request.UserAgent();
var command = new UserManagementCommand <UserRegisterModel>(model, User, userAgent);
var result = await Mediator.Send(command, cancellationToken).ConfigureAwait(false);
var tokenRequest = new TokenRequest
{
GrantType = "password",
ClientId = "TrainDTrainorUI",
UserName = model.EmailAddress,
Password = model.Password
};
var authenticateCommand = new AuthenticateCommand(userAgent, tokenRequest);
var tokenResult = await Mediator.Send(authenticateCommand, cancellationToken).ConfigureAwait(false);
return(new OkObjectResult(new
{
Data = tokenResult,
Status = StatusCodes.Status200OK
}));
}
protected override async Task <UserReadModel> ProcessAsync(UserManagementCommand <UserChangePasswordModel> message, CancellationToken cancellationToken)
{
var model = message.Model;
var userId = message.Principal.Identity.GetUserId();
var emailAddress = message.Principal.Identity.GetUserName();
// check for existing user
var user = await _dataContext.Users
.FindAsync(userId)
.ConfigureAwait(false);
if (user == null)
{
throw new DomainException(422, $"User with email '{emailAddress}' not found.");
}
if (!_passwordHasher.VerifyPassword(user.PasswordHash, model.CurrentPassword))
{
throw new DomainException(HttpStatusCode.Unauthorized, "The password is incorrect");
}
var passwordHashed = _passwordHasher
.HashPassword(model.UpdatedPassword);
user.PasswordHash = passwordHashed;
user.UpdatedBy = emailAddress;
user.Updated = DateTimeOffset.UtcNow;
await _dataContext
.SaveChangesAsync(cancellationToken)
.ConfigureAwait(false);
// convert to read model
var readModel = _mapper.Map <UserReadModel>(user);
return(readModel);
}
protected override async Task <UserReadModel> ProcessAsync(UserManagementCommand <UserResetPasswordModel> message, CancellationToken cancellationToken)
{
var model = message.Model;
// check for existing user
var user = await _dataContext.Users
.GetByEmailAddressAsync(model.EmailAddress)
.ConfigureAwait(false);
if (user == null)
{
throw new DomainException(422, $"User with email '{model.EmailAddress}' not found.");
}
if (!_passwordHasher.VerifyPassword(user.ResetHash, model.ResetToken))
{
throw new DomainException(HttpStatusCode.Forbidden, "Invalid reset password security token.");
}
var passwordHashed = _passwordHasher
.HashPassword(model.UpdatedPassword);
user.PasswordHash = passwordHashed;
user.AccessFailedCount = 0;
user.LockoutEnabled = false;
user.LockoutEnd = null;
user.Updated = DateTimeOffset.UtcNow;
await _dataContext.SaveChangesAsync(cancellationToken).ConfigureAwait(false);
// convert to read model
var readModel = _mapper.Map <UserReadModel>(user);
return(readModel);
}
protected override async Task <UserReadModel> ProcessAsync(UserManagementCommand <UserRegisterModel> message, CancellationToken cancellationToken)
{
var otp = GenerateRandomOTP(4, saAllowedCharacters);
var model = message.Model;
using (var scope = await _dataContext.Database.BeginTransactionAsync(cancellationToken).ConfigureAwait(false))
{
try
{
// check for existing user
var user = await _dataContext.Users
.GetByEmailAddressAsync(model.EmailAddress)
.ConfigureAwait(false);
if (user != null)
{
throw new DomainException(422, $"User with email '{model.EmailAddress}' already exists.");
}
var passwordHashed = _passwordHasher
.HashPassword(model.Password);
user = new Data.Entities.User
{
EmailAddress = model.EmailAddress,
DisplayName = model.DisplayName,
PasswordHash = passwordHashed,
Created = DateTimeOffset.UtcNow,
Updated = DateTimeOffset.UtcNow,
PhoneNumber = model.PhoneNumber,
OTP = otp,
IsPhoneNumberConfirmed = false,
IsGlobalAdministrator = false
};
await _dataContext.Users
.AddAsync(user, cancellationToken)
.ConfigureAwait(false);
await _dataContext
.SaveChangesAsync(cancellationToken)
.ConfigureAwait(false);
// convert to read model
var readModel = _mapper.Map <UserReadModel>(user);
var currentUser = _mapper.Map <Data.Entities.UserProfile>(user);
var roles = await _dataContext.Roles.GetByNameAsync(Data.Constants.Role.MemberName).ConfigureAwait(false);
var defaultRoles = _mapper.Map <Data.Entities.UserRole>(user);
defaultRoles.RoleId = roles.Id;
defaultRoles.UserType = (int)Enum.Roles.Trainee;
await _dataContext.UserRoles.AddAsync(defaultRoles, cancellationToken).ConfigureAwait(false);
await _dataContext.UserProfiles.AddAsync(currentUser, cancellationToken).ConfigureAwait(false);
var status = await _dataContext.SaveChangesAsync(cancellationToken).ConfigureAwait(false);
if (status != 0)
{
var result = await _sMSTemplateService.SendOTP(user.PhoneNumber, otp).ConfigureAwait(false);
if (result == false)
{
Logger.LogWarning($"Unable to send OTP '{model.PhoneNumber}' please try again later or contact administrator.");
throw new DomainException(422, $"Unable to send OTP '{model.PhoneNumber}' please try again later or contact administrator.");
}
else
{
scope.Commit();
return(readModel);
}
}
}
catch (Exception ex)
{
Logger.LogError(ex.Message);
scope.Rollback();
throw new DomainException(422, $"Unable to Register:'{ex.Message}', Please try again.");
}
}
return(null);
}
